Cisco 3.3 User Manual
Page 809
F-23
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix F RDBMS Synchronization Import Definitions
Action Codes
174
ADD_IOS_
COMMAND
UN|GN,
VN, V1
Authorizes the given Cisco IOS command and
determines if any arguments given to the command
are to be found in a defined set or are not to be found
in a defined set. The defined set is created using
Actions 176 and 177:
GN = "Group 1"
VN = "telnet"
V1 = "permit"
or
UN = "fred"
VN = "configure"
V1 = "deny"
The first example permits the Telnet command to be
authorized for users of Group 1. Any arguments can
be supplied to the Telnet command as long as they are
not matched against any arguments defined via Action
176.
The second example permits the configure command
to be authorized for user fred, but only if the
arguments supplied are permitted by the filter defined
by a series of Action 176.
175
REMOVE_IOS_
COMMAND
UN|GN,
VN
Removes command authorization for the user or
group:
GN = "Group 1"
VN = "telnet"
or
UN = "fred"
VN = "configure"
Users of Group 1 can no longer use the Cisco IOS
telnet command.
User fred can no longer use the configure command.
Table F-5
Action Codes for Modifying TACACS+ and RADIUS Group and User Settings (continued)
Action
Code
Name
Required
Description